[156276] in North American Network Operators' Group
Re: HXXP browser protocol
daemon@ATHENA.MIT.EDU (Landon Stewart)
Thu Sep 13 17:22:22 2012
In-Reply-To: <BA241CAC-1D41-47B7-A147-AA3E41F26ED6@seanharlow.info>
Date: Thu, 13 Sep 2012 14:21:22 -0700
From: Landon Stewart <lstewart@superb.net>
To: Sean Harlow <sean@seanharlow.info>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 13 September 2012 09:38, Sean Harlow <sean@seanharlow.info> wrote:
> Using "hxxp" is a common method to prevent auto-linking by various
> email/IM clients and/or forum software to then require the user to actively
> copy/paste the URL to get the content.
>
> In the case of a security alert, I could see it being used if the
> destination is in fact an example of an attack site to prevent someone from
> inadvertently clicking the link and getting infected.
>
All true and commonly used but it's worth mentioning that putting a space
before the *dot TLD* is a better way to prevent auto linking in email/IM
clients since most of them detect the formation URLs by other means rather
than rely on the exitence of http://.
--
Landon Stewart <LStewart@Superb.Net>
Sr. Administrator
Systems Engineering
Superb Internet Corp - 888-354-6128 x 4199
Web hosting and more "Ahead of the Rest": http://www.superbhosting.net
